RubyGems - stormpath-rails - Versions diffs - 1.1.2.beta → 2.0.0 - Mend

stormpath-rails 1.1.2.beta → 2.0.0

Files changed (130) hide show

data/app/services/stormpath/rails/delete_access_token.rb ADDED Viewed

@@ -0,0 +1,48 @@
+module Stormpath
+  module Rails
+    class DeleteAccessToken
+      def self.call(token)
+        new(token).call
+      end
+      def initialize(token)
+        @token = token
+      end
+      def call
+        token && delete_token
+      end
+      private
+      def delete_token
+        token_resource.delete
+      rescue JWT::ExpiredSignature, JWT::DecodeError
+      end
+      def token_resource
+        tokens_collection.get(token_unique_identifier)
+      end
+      def tokens_collection
+        stormpath_client.access_tokens
+      end
+      def token_unique_identifier
+        JWT.decode(token, api_key_secret).first['jti']
+      end
+      def api_key_secret
+        stormpath_client.data_store.api_key.secret
+      end
+      def stormpath_client
+        Stormpath::Rails::Client.client
+      end
+      private
+      attr_reader(:token)
+    end
+  end
+end

data/app/services/stormpath/rails/delete_refresh_token.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module Stormpath
+  module Rails
+    class DeleteRefreshToken < DeleteAccessToken
+      private
+      def tokens_collection
+        stormpath_client.refresh_tokens
+      end
+    end
+  end
+end

data/app/services/stormpath/rails/forgot_password_token_verification.rb ADDED Viewed

@@ -0,0 +1,31 @@
+module Stormpath
+  module Rails
+    class ForgotPasswordTokenVerification
+      attr_reader :sptoken
+      def initialize(sptoken)
+        raise(NoSptokenError) if sptoken.nil?
+        @sptoken = sptoken
+      end
+      def call
+        begin
+          account_from_token
+        rescue Stormpath::Error => error
+          raise if error.status != 404
+          raise InvalidSptokenError, error.message
+        end
+      end
+      private
+      def account_from_token
+        Stormpath::Rails::Client
+          .application
+          .password_reset_tokens
+          .get(sptoken)
+          .account
+      end
+    end
+  end
+end

data/app/services/stormpath/rails/password_change.rb ADDED Viewed

@@ -0,0 +1,17 @@
+module Stormpath
+  module Rails
+    class PasswordChange
+      attr_reader :account, :password
+      def initialize(sptoken, password)
+        @account = ForgotPasswordTokenVerification.new(sptoken).call
+        @password = password
+      end
+      def call
+        account.password = password
+        account.save
+      end
+    end
+  end
+end

data/app/services/stormpath/rails/refresh_token_authentication.rb ADDED Viewed

@@ -0,0 +1,28 @@
+module Stormpath
+  module Rails
+    class RefreshTokenAuthentication
+      attr_reader :refresh_token
+      def initialize(refresh_token)
+        raise(FormError, "Refresh token can't be blank") if refresh_token.blank?
+        @refresh_token = refresh_token
+      end
+      def save!
+        Client.application.authenticate_oauth(refresh_grant_request)
+      end
+      private
+      def refresh_grant_request
+        Stormpath::Oauth::RefreshGrantRequest.new(refresh_token)
+      end
+      class FormError < ArgumentError
+        def status
+          400
+        end
+      end
+    end
+  end
+end

data/app/services/stormpath/rails/resend_email_verification.rb ADDED Viewed

@@ -0,0 +1,33 @@
+module Stormpath
+  module Rails
+    class ResendEmailVerification
+      PROPERTY_VALUE_DOES_NOT_MATCH_A_STORMPATH_RESOURCE_CODE = 2016
+      attr_reader :email
+      def initialize(email)
+        raise(NoEmailError, 'Email parameter not provided.') if email.blank?
+        @email = email
+      end
+      def call
+        begin
+          application.verification_emails.create(login: email)
+        rescue Stormpath::Error => error
+          if error.code == PROPERTY_VALUE_DOES_NOT_MATCH_A_STORMPATH_RESOURCE_CODE
+            raise UnexistingEmailError, error.message
+          else
+            raise
+          end
+        end
+      end
+      def application
+        Stormpath::Rails::Client.application
+      end
+      NoEmailError = Class.new(ArgumentError)
+      UnexistingEmailError = Class.new(ArgumentError)
+    end
+  end
+end

data/app/services/stormpath/rails/send_password_reset_email.rb ADDED Viewed

@@ -0,0 +1,33 @@
+module Stormpath
+  module Rails
+    class SendPasswordResetEmail
+      PROPERTY_VALUE_DOES_NOT_MATCH_A_STORMPATH_RESOURCE_CODE = 2016
+      attr_reader :email
+      def initialize(email)
+        raise(NoEmailError, 'Email parameter not provided.') if email.blank?
+        @email = email
+      end
+      def call
+        begin
+          application.send_password_reset_email(email)
+        rescue Stormpath::Error => error
+          if error.code == PROPERTY_VALUE_DOES_NOT_MATCH_A_STORMPATH_RESOURCE_CODE
+            raise UnexistingEmailError, error.message
+          else
+            raise
+          end
+        end
+      end
+      def application
+        Stormpath::Rails::Client.application
+      end
+      NoEmailError = Class.new(ArgumentError)
+      UnexistingEmailError = Class.new(ArgumentError)
+    end
+  end
+end

data/app/services/stormpath/rails/token_cookie_setter.rb ADDED Viewed

@@ -0,0 +1,84 @@
+module Stormpath
+  module Rails
+    class TokenCookieSetter
+      attr_reader :cookie_jar, :access_token, :refresh_token
+      def self.call(cookie_jar, authentication_result)
+        new(cookie_jar, authentication_result).call
+      end
+      def initialize(cookie_jar, authentication_result)
+        @cookie_jar     = cookie_jar
+        @access_token   = authentication_result.access_token
+        @refresh_token  = authentication_result.refresh_token
+      end
+      def call
+        SingleTokenCookieSetter.new(cookie_jar, access_token, access_token_cookie_config).call
+        SingleTokenCookieSetter.new(cookie_jar, refresh_token, refresh_token_cookie_config).call
+      end
+      private
+      def access_token_cookie_config
+        Stormpath::Rails.config.web.access_token_cookie
+      end
+      def refresh_token_cookie_config
+        Stormpath::Rails.config.web.refresh_token_cookie
+      end
+    end
+  end
+end
+class SingleTokenCookieSetter
+  attr_reader :cookie_jar, :token, :token_config
+  def initialize(cookie_jar, token, token_config)
+    @cookie_jar = cookie_jar
+    @token = token
+    @token_config = token_config
+  end
+  def call
+    cookie_jar[token_config.name] = cookie_data
+  end
+  private
+  def cookie_data
+    {
+      value: token,
+      expires: expires,
+      httponly: http_only,
+      path: path,
+      domain: domain,
+      secure: secure
+    }.compact
+  end
+  def expires
+    Time.zone.at(JWT.decode(token, ENV['STORMPATH_API_KEY_SECRET']).first['exp'])
+  end
+  def http_only
+    if token_config.http_only == false
+      nil
+    else
+      true
+    end
+  end
+  def path
+    token_config.path || '/'
+  end
+  def domain
+    token_config.domain
+  end
+  def secure
+    token_config.secure || false
+  end
+end
+# check for domain and https true

data/app/services/stormpath/rails/verify_email_token.rb ADDED Viewed

@@ -0,0 +1,27 @@
+module Stormpath
+  module Rails
+    class VerifyEmailToken
+      attr_reader :sptoken
+      def initialize(sptoken)
+        raise(NoSptokenError) if sptoken.nil?
+        @sptoken = sptoken
+      end
+      def call
+        begin
+          client.accounts.verify_email_token(sptoken)
+        rescue Stormpath::Error => error
+          raise if error.code != 404
+          raise InvalidSptokenError, error.message
+        end
+      end
+      private
+      def client
+        Stormpath::Rails::Client.client
+      end
+    end
+  end
+end

data/app/views/{passwords/forgot_change.html.erb → stormpath/rails/change_password/new.html.erb} RENAMED Viewed

@@ -14,17 +14,11 @@
             </div>
           <% end %>
-          <%= form_for :password, html: { class: "login-form form-horizontal" }, url: forgot_update_path(@account_url) do |form| %>
+          <%= form_for :password, url: "/change?sptoken=#{params[:sptoken]}", html: { class: "login-form form-horizontal" } do |form| %>
             <div class="form-group group-password">
-              <%= form.label :original, class: "col-sm-4" %>
+              <%= form.label :password, 'Password', class: "col-sm-4" %>
               <div class="col-sm-8">
-                <%= form.password_field :original, placeholder: 'Password', class: "form-control" %>
-              </div>
-            </div>
-            <div class="form-group group-password">
-              <%= form.label :repeated, 'Password (Again)', class: "col-sm-4" %>
-              <div class="col-sm-8">
-                <%= form.password_field :repeated, placeholder: 'Password (Again)', class: "form-control" %>
+                <%= form.password_field :repeated, placeholder: 'Password', class: "form-control", name: :password %>
               </div>
             </div>
             <div>
@@ -35,4 +29,4 @@
       </div>
     </div>
   </div>
-</div>
+</div>

data/app/views/{passwords/forgot.html.erb → stormpath/rails/forgot_password/new.html.erb} RENAMED Viewed

@@ -1,6 +1,16 @@
 <div class="container custom-container">
   <div class="va-wrapper">
     <div class="view login-view container">
+      <% if params[:status] == 'invalid_sptoken' %>
+        <div class="row">
+          <div class="alert alert-warning">
+            <p>
+              The password reset link you tried to use is no longer valid. Please request a new link from the form below.
+            </p>
+          </div>
+        </div>
+      <% end %>
       <div class="box row">
         <div class="email-password-area col-xs-12 large col-sm-12">
           <div class="header">
@@ -14,11 +24,11 @@
             </div>
           <% end %>
-          <%= form_for :password, html: { class: "login-form form-horizontal" }, url: forgot_send_path do |form| %>
+          <%= form_for :password, html: { class: "login-form form-horizontal" }, url: forgot_password_path do |form| %>
             <div class="form-group group-email">
               <%= form.label :email, class: "col-sm-4" %>
               <div class="col-sm-8">
-                <%= form.text_field :email, placeholder: 'Email', class: "form-control" %>
+                <%= form.text_field :email, placeholder: 'Email', class: "form-control", name: :email %>
               </div>
             </div>
             <div>
@@ -27,7 +37,7 @@
           <% end %>
         </div>
       </div>
-      <%= link_to "Back to Log In", sign_in_path, class: "forgot" %>
+      <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
     </div>
   </div>
-</div>
+</div>

data/app/views/{layouts → stormpath/rails/layouts}/stormpath.html.erb RENAMED Viewed

@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
 <head>
-  <title>StormAuth</title>
+  <title><%= Rails.application.class.parent_name %></title>
   <%= stylesheet_link_tag  "//fonts.googleapis.com/css?family=Open+Sans:300italic,300,400italic,400,600italic,600,700italic,700,800italic,800" %>
   <%= stylesheet_link_tag  "//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" %>
   <%= stylesheet_link_tag    'application', media: 'all', 'data-turbolinks-track' => true %>
@@ -20,8 +20,8 @@
   <% end %>
   <% if signed_in? %>
-    <p>Logged in as: <%= current_user.given_name %></p>
-    <%= link_to "Log out", sign_out_path, method: :delete %>
+    <p>Logged in as: <%= current_account.given_name %></p>
+    <%= link_to "Log out", logout_path, method: :post %>
   <% end %>
   <%= yield %>

data/app/views/stormpath/rails/login/_form.html.erb ADDED Viewed

@@ -0,0 +1,45 @@
+<div class="email-password-area col-xs-12 <%= box_class %>">
+  <div class="header">
+    <span>Log in or <%= link_to "Create Account", new_register_path %></span>
+  </div>
+  <% if flash[:error] %>
+    <div class="alert alert-danger bad-login">
+      <p><%= flash[:error] %></p>
+    </div>
+  <% end %>
+  <% if params[:status].present? %>
+    <% case params[:status] %>
+    <% when 'unverified' %>
+      <div class="alert alert-success">
+        <p>Your account verification email has been sent! Before you can log into your account, you need to activate your account by clicking the link we sent to your inbox. Didn't get the email? <%= link_to "Click Here", Stormpath::Rails.config.web.verify_email.uri %></p>
+      </div>
+    <% when 'verified' %>
+      <div class="alert alert-success">
+        <p>Your Account Has Been Verified. You may now login.</p>
+      </div>
+    <% when 'created' %>
+      <div class="alert alert-success">
+        <p>Your Account Has Been Created. You may now login.</p>
+      </div>
+    <% when 'forgot' %>
+      <div class="alert alert-success">
+        <p>Password Reset Requested. If an account exists for the email provided, you will receive an email shortly.</p>
+      </div>
+    <% when 'reset' %>
+      <div class="alert alert-success">
+        <p>Password Reset Successfully. You can now login with your new password.</p>
+      </div>
+    <% end %>
+  <% end %>
+  <%= form_for '', url: login_path(next: params[:next]), html: {class: "login-form form-horizontal"} do |form| %>
+    <%= render 'stormpath/rails/shared/input', form: form, input_config: Stormpath::Rails.config.web.login.form.fields.login, input_name: :login, value: params[:login] %>
+    <%= render 'stormpath/rails/shared/input', form: form, input_config: Stormpath::Rails.config.web.login.form.fields.password, input_name: :password, value: nil %>
+    <div>
+      <%= button_tag "Log in", :class => "login btn btn-login btn-sp-green", :type => "submit" %>
+    </div>
+  <% end %>
+</div>

data/app/views/stormpath/rails/login/new.html.erb ADDED Viewed

@@ -0,0 +1,12 @@
+<div class="container custom-container">
+  <div class="va-wrapper">
+    <div class="view login-view container">
+      <div class="box row">
+        <%= render partial: 'stormpath/rails/login/form' %>
+      </div>
+      <% if Stormpath::Rails.config.web.forgot_password.enabled %>
+        <%= link_to "Forgot Password?", new_forgot_password_path, class: "forgot" %>
+      <% end %>
+    </div>
+  </div>
+</div>

data/app/views/stormpath/rails/register/_form.html.erb ADDED Viewed

@@ -0,0 +1,19 @@
+<div class="col-sm-12">
+  <div class="header">
+    <span>Create Account</span>
+  </div>
+  <% if flash[:error] %>
+    <div class="alert alert-danger">
+      <p><%= flash[:error] %></p>
+    </div>
+  <% end %>
+  <%= form_for '', url: register_path, html: { class: "registration-form form-horizontal sp-form" } do |form| %>
+    <% Stormpath::Rails::RegistrationFormFields.enabled_field_names.each do |field| %>
+      <%= render 'stormpath/rails/shared/input', form: form, input_config: Stormpath::Rails.config.web.register.form.fields.send(field), input_name: field.to_s.camelize(:lower), value: params[field.to_s.camelize(:lower)] %>
+    <% end %>
+    <%= button_tag "Create Account", :class => "btn btn-register btn-sp-green", :type => "submit" %>
+  <% end %>
+</div>

data/app/views/{users → stormpath/rails/register}/new.html.erb RENAMED Viewed

@@ -2,9 +2,9 @@
   <div class="va-wrapper">
     <div class="view registration-view container">
       <div class="box row">
-        <%= render partial: '/users/form' %>
+        <%= render partial: 'stormpath/rails/register/form' %>
       </div>
-      <%= link_to "Back to Log In", sign_in_path, class: "to-login" %>
+      <%= link_to "Back to Log In", new_login_path, class: "to-login" %>
     </div>
   </div>
-</div>
+</div>

data/app/views/stormpath/rails/shared/_input.html.erb ADDED Viewed

@@ -0,0 +1,15 @@
+<% if input_config.enabled && input_config.visible %>
+  <div class="form-group group-email">
+    <%= form.label input_name, input_config.label, class: label_class %>
+    <div class="<%= input_class %>">
+      <%= form.text_field input_name,
+          value: (input_config.type == 'password' ? '' : value),
+          name: input_name,
+          placeholder: input_config.placeholder,
+          required: input_config.required,
+          type: input_config.type,
+          class: "form-control"
+      %>
+    </div>
+  </div>
+<% end %>

data/app/views/stormpath/rails/verify_email/new.html.erb ADDED Viewed

@@ -0,0 +1,49 @@
+<div class="container custom-container">
+  <div class="va-wrapper">
+    <div class="view login-view container">
+      <% if params[:sptoken] %>
+        <div class="row">
+          <div class="alert alert-warning">
+            <p>
+              This verification link is no longer valid. Please request a new link from the form below.
+            </p>
+          </div>
+        </div>
+      <% end %>
+      <div class="box row">
+        <div class="email-password-area col-xs-12 large col-sm-12">
+          <div class="header">
+            <span>Resend Account Verification Email?</span>
+              <% if params[:sptoken].nil? %>
+                <p>
+                  Enter your email address below and we'll resend your account
+                  verification email.  You will be sent an email which you will
+                  need to open to continue. You may need to check your spam
+                  folder.
+                </p>
+              <% end %>
+          </div>
+          <% if flash[:error] %>
+            <div class="alert alert-danger bad-login">
+              <p><%= flash[:error] %></p>
+            </div>
+          <% end %>
+          <%= form_for :verify_email, html: { class: "login-form form-horizontal" }, url: verify_email_path do |form| %>
+            <div class="form-group group-email">
+              <%= form.label :email, class: "col-sm-4" %>
+              <div class="col-sm-8">
+                <%= form.text_field :email, placeholder: 'Email', class: "form-control", name: :email, type: :email, required: true %>
+              </div>
+            </div>
+            <div>
+              <%= button_tag "Submit", :class => "login btn btn-login btn-sp-green", :type => "submit" %>
+            </div>
+          <% end %>
+        </div>
+      </div>
+      <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+    </div>
+  </div>
+</div>

data/bin/console CHANGED Viewed

@@ -1,7 +1,7 @@
 #!/usr/bin/env ruby
-require "bundler/setup"
-require "stormpath/rails"
+require 'bundler/setup'
+require 'stormpath/rails'
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +10,5 @@ require "stormpath/rails"
 # require "pry"
 # Pry.start
-require "irb"
+require 'irb'
 IRB.start

data/bin/rails CHANGED Viewed

@@ -9,4 +9,4 @@ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
 require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
 require 'rails/all'
-require 'rails/engine/commands'
+require 'rails/engine/commands'

data/bin/rake CHANGED Viewed

@@ -7,8 +7,8 @@
 #
 require 'pathname'
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
-  Pathname.new(__FILE__).realpath)
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
+                                           Pathname.new(__FILE__).realpath)
 require 'rubygems'
 require 'bundler/setup'

data/bin/rspec CHANGED Viewed

@@ -7,8 +7,8 @@
 #
 require 'pathname'
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
-  Pathname.new(__FILE__).realpath)
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
+                                           Pathname.new(__FILE__).realpath)
 require 'rubygems'
 require 'bundler/setup'

data/config/initializers/assets.rb CHANGED Viewed

@@ -1 +1,3 @@
-Rails.application.config.assets.precompile += %w( stormpath.css )
+if Rails.application.config.respond_to?(:assets)
+  Rails.application.config.assets.precompile += %w(stormpath.css)
+end